diff ui/sslhelp.cpp @ 464:2e100d3e414a
Add helper functions for sha256 sum and rsa signing
author | Andre Heinecke <aheinecke@intevation.de> |
---|---|
date | Wed, 23 Apr 2014 15:33:42 +0000 |
parents | f8b480b08532 |
children | f9b0014cff97 |
--- a/ui/sslhelp.cpp Wed Apr 23 15:33:09 2014 +0000
+++ b/ui/sslhelp.cpp Wed Apr 23 15:33:42 2014 +0000
@@ -6,6 +6,13 @@
 * See LICENSE.txt for details.
 */
 #include "sslhelp.h"
+#include <polarssl/sha256.h>
+#include <polarssl/pk.h>
+#include <polarssl/entropy.h>
+#include <polarssl/ctr_drbg.h>
+#include <QApplication>
+#include <QUuid>
+#include <QDebug>
 QString getPolarSSLErrorMsg(int ret)
 {
@@ -14,3 +21,57 @@
 errbuf[1020] = '\0'; /* Just to be sure */
 return QString::fromLatin1(errbuf);
 }
+
+QByteArray sha256sum(const QByteArray& data)
+{
+ unsigned char output[32];
+ sha256((unsigned char *)data.constData(), (size_t)data.size(), output, 0);
+ return QByteArray(data, 32);
+}
+
+QByteArray rsaSignSHA256Hash(const QByteArray& hash, pk_context *pk)
+{
+ int ret = 0;
+ unsigned char sig[POLARSSL_MPI_MAX_SIZE];
+ size_t sig_len;
+ entropy_context entropy;
+ ctr_drbg_context ctr_drbg;
+
+ entropy_init(&entropy);
+
+ QUuid uuid = QUuid::createUuid();
+ QString personalString = QApplication::applicationName() + uuid.toString();
+ QByteArray personalBa = personalString.toLocal8Bit();
+
+ /*
+ * Initialize random generator.
+ * Personalisation string, does not need to be random but
+ * should be unique according to documentation.
+ *
+ * the ctr_drbg structure does not need to be freed explicitly.
+ */
+ ret = ctr_drbg_init(&ctr_drbg, entropy_func, &entropy,
+ (const unsigned char*) personalBa.constData(),
+ personalBa.size());
+ if (ret != 0) {
+ qDebug() << "Failed to initialize drbg: " << getPolarSSLErrorMsg(ret);
+ entropy_free (&entropy);
+ return QByteArray();
+ }
+
+ ret = pk_sign(pk, POLARSSL_MD_SHA256, (const unsigned char*) hash.constData(),
+ hash.size(), sig, &sig_len, ctr_drbg_random, &ctr_drbg);
+ entropy_free (&entropy);
+
+ if (ret != 0) {
+ qDebug() << "Failed to sign: " << getPolarSSLErrorMsg(ret);
+ return QByteArray();
+ }
+
+ if (sig_len != 3072 / 8) {
+ qDebug() << "Invalid size of signature: " << sig_len;
+ return QByteArray();
+ }
+
+ return QByteArray((const char *)sig, (int)sig_len);
+}
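Review bot: `sha256sum` ends with `return QByteArray(data, 32);`, which copies the first 32 bytes of the input buffer rather than the digest that `sha256()` wrote into `output`, so the computed hash is thrown away and an input shorter than 32 bytes is read past its end. The return should be `return QByteArray((const char *)output, 32);`. If this value is what gets passed to `rsaSignSHA256Hash` (the callers are not visible here), the signature would cover only a prefix of the data instead of its SHA-256, which defeats the integrity guarantee for everything after that prefix. `rsaSignSHA256Hash` also hands `hash.size()` to `pk_sign` unchecked; a guard such as `if (hash.size() != 32) return QByteArray();` before signing would reject malformed digests early.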